Blog Posts Tagged with "Privacy"

Every year or so, an otherwise smart information security professional publishes some really bad information security advice about how awareness and training is a waste of time and money. Bottom line for all organizations: Humans have always been and will always be the weakest link in security...

"Watch the scams and traps that are strewn like land mines throughout the site. Watch the free give-aways, be wary of clicking on pictures and videos and look carefully at any messages that contain links or suggest web sites to visit. Also, be VERY careful about ‘friends’ of friends..."

Mobile devices are on the move, meaning they can more easily be lost or stolen and their screens and keyboards are easier targets for “over the shoulder” browsing. When we lose our phones, we think about the pain and cost of replacing the device. But that’s just the tip of the iceberg...

Health information exchanges (HIE) enable the sharing of health records by physicians and other providers, enabling my family physician to see the results without getting up from her desk or without me shlepping paper or CD. Unfortunately, HIE are being modeled after the retail industry supply-chain model...

The FBI wants to be able to search and identify people in photos of crowds and in pictures posted on social media sites—even if the people in those photos haven’t been arrested for or even suspected of a crime. The FBI may also want to incorporate those crowd or social media photos into its face recognition database...

If we don’t continue to raise issues about online privacy and security, websites and their companies’ leadership will continue to demand access to our confidential information under the pretense of doing business, or in scarier terms, doing business as usual. One website that causes concern is Foursquare...

One must know the technology and the problems with it before using it cognizantly. This unfortunately is not the case in what is being advocated by Quinn Norton on Wired with regard to Cryptocat. Specifically where she makes declamations about overthrowing governments with things like untested crypto schemes...

Senators John McCain and Kay Bailey Hutchison have proposed amendments that would hand the reins of our nation’s cybersecurity systems to the NSA. The agency's dark history, flouting of domestic law, and resistance to transparency makes it clear that the nation's cybersecurity should not be in its hands...

Face recognition in online applications is particularly problematic as personal data is sometimes used out of context by employers and law enforcement. Therefore, European privacy officials’ opinion recommending various practices for these applications could not have come at a better time...

It’s not just about protecting ourselves from identity theft or fraud like when our account number or government-issued ID numbers are exposed. It’s what I like to call privacy for the sake of privacy. Just knowing that someone could be looking at our personal histories doesn’t sit well with the public...

We remain unpersuaded that any of the proposed cybersecurity measures are necessary and we still have concerns about certain sections of the bill, especially the sections on monitoring and countermeasures. But this was a big step in the direction of protecting online rights...

I've gotten in a lot of arguments lately about the end-user side of technology - privacy. Many in the security industry already know most of the things people are discovering, and have screamed warnings from the mountaintops to the folks below. Alas, this is the woe of being a security engineer...

If most websites can’t get password storage right, you can bet they can’t get storage of the content you are trusting them with right either. The private documents that you stored with your favorite cloud service are probably not encrypted in a way that only your account can decrypt, if they’re encrypted at all...

Senator Rockefeller was skeptical about the industry’s claims that they needed to engage in pervasive tracking for cybersecurity purposes. He stated: “I just want to declare the whole cybersecurity matter a total red herring.” We agree that strong cybersecurity does not necessitate surveillance of our browsing habits...

Efforts to break the partisan stalemate over the Cybersecurity Act, a bill that would allow Internet companies to monitor the communications of users and pass that data to the government without any judicial oversight, have backers of the bill attempting to drum up fears about catastrophic cyberattacks...

A controversial, anti-privacy data retention mandate is notably absent from the child protection bill recently introduced by Rep. Lamar Smith. Smith had previously introduced H.R. 1981, which would have mandated that ISPs collect and maintain data on Internet users not suspected of any crime...